Nixpkgs security tracker

Dismissed

(not in Nixpkgs)

Permalink CVE-2026-39615

updated 1 month, 2 weeks ago by @LeSuisse Activity log

Created suggestion 1 month, 2 weeks ago
@LeSuisse dismissed (not in Nixpkgs) 1 month, 2 weeks ago

WordPress Download Manager plugin <= 3.3.53 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shahjada Download Manager download-manager allows Stored XSS.This issue affects Download Manager: from n/a through <= 3.3.53.

References

https://patchstack.com/database/Wordpress/Plugin/download-manager/vulnerability… vdb-entry

Affected products

download-manager

=<3.3.53

Matching in nixpkgs

pkgs.lomiri.lomiri-download-manager

Performs uploads and downloads from a centralized location

nixos-unstable 0.3.0
- nixpkgs-unstable 0.3.0
- nixos-unstable-small 0.3.0
nixos-25.11 0.2.2
- nixos-25.11-small 0.2.2
- nixpkgs-25.11-darwin 0.2.2

pkgs.lomiri-qt6.lomiri-download-manager